Skip to content

ViperShellKid/nmap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Aggeressive scan.png
Aggeressive scan.png
 
 
Basic scan .png
Basic scan .png
 
 
NSE.png
NSE.png
 
 
README.md
README.md
 
 
Time.png
Time.png
 
 
host discovery using -sn.png
host discovery using -sn.png
 
 
host discovery using ping.png
host discovery using ping.png
 
 
host discovery.png
host discovery.png
 
 
http-header detections.png
http-header detections.png
 
 
os version detection.png
os version detection.png
 
 
output 1.png
output 1.png
 
 
output.png
output.png
 
 
scan all ports.png
scan all ports.png
 
 
scan particular ports.png
scan particular ports.png
 
 
service version detection.png
service version detection.png
 
 
ssl-tls config detection.png
ssl-tls config detection.png
 
 
using -sn.png
using -sn.png
 
 

Repository files navigation

Nmap Scan Summary and Key FindingsThis repository documents a comprehensive Nmap scan series executed against the target IP 192.168.175.129.

The objective was to map the target's network services, identify running software versions, and assess its overall security posture.

Scans performed included basic port enumeration, aggressive version/OS detection (-A), and NSE scripting.

  1. Target Identity and Host DiscoveryTarget IP: 192.168.175.129Operating System (OS): Detected as an older version of Linux (Kernel 2.6).Platform: Hosted within a VMware virtualized environment.

  2. Critical Vulnerabilities and High-Risk ServicesThe most concerning findings are centered around outdated and misconfigured services, which expose the host to immediate exploitation.

3.PortServiceVersion/DetailSeverityAssessment21FTPvsftpd 2.3.4CRITICALKnown Backdoor & Misconfiguration: This version is publicly known to contain a backdoor (CVE-2011-2523) allowing remote root access.

Furthermore, the scan confirmed Anonymous Login is enabled, representing a severe security failure.80HTTPApache 2.2.8 & PHP 5.2.4MAJORExtremely Outdated Stack: Both the web server and scripting engine versions are decades old and are associated with numerous publicly known, easily exploitable vulnerabilities (CVEs).22SSHOpenSSH 4.7p1MEDIUMLegacy Software: This version is based on old Debian packages. While not an immediate cleartext risk, its age increases the probability of protocol or implementation flaws that could be exploited.

  1. Other Open Services and Attack SurfaceThe target presents a wide attack surface with several other services that require further investigation:Telnet (23): Open unencrypted login service.SMTP (25): Postfix mail server running.Databases (3306, 5432): MySQL and PostgreSQL services are active.Remote Access (5900): VNC is listening, suggesting potential weak authentication.Conclusion and Mitigation PrioritiesThe scan confirms the target is highly vulnerable.

Immediate priorities for exploitation research and mitigation should focus on:Confirming and exploiting the vsftpd 2.3.4 backdoor (CVE-2011-2523).Exploiting known vulnerabilities in the outdated Apache/PHP stack.Investigating potential brute-force or default credentials for the open database and remote access services.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published